JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 160.250.255.141

160.250.255.141 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 27%: ?

27%

ISP	Internet Service Provider
Usage Type	Fixed Line ISP
ASN	AS139922
Domain Name	oasis-internet.net
Country	🇳🇵 Nepal
City	Kathmandu, Bagmati Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 160.250.255.141

Whois 160.250.255.141

IP Abuse Reports for 160.250.255.141:

This IP address has been reported a total of 15 times from 13 distinct sources. 160.250.255.141 was first reported on May 18th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Jason Howell	2026-06-17 10:26:09 (4 days ago)	160.250.255.141 - - [17/Jun/2026:05:17:39 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4746 "-" "Jetpack b ... show more 160.250.255.141 - - [17/Jun/2026:05:17:39 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4746 "-" "Jetpack by WordPress.com" 160.250.255.141 - - [17/Jun/2026:05:19:47 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4747 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" 160.250.255.141 - - [17/Jun/2026:05:21:54 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4747 "-" "Jetpack by WordPress.com" 160.250.255.141 - - [17/Jun/2026:05:24:01 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4747 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)" 160.250.255.141 - - [17/Jun/2026:05:26:08 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4746 "-" "WordPress.com; https://wordpress.com" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 06:18:54 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 160.250.255.141 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 160.250.255.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 02:18:50.137764 2026] [security2:error] [pid 19152:tid 19152] [client 160.250.255.141:2868] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 160.250.255.141 (+1 hits since last alert)\|desarrollosdecolima.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "desarrollosdecolima.com"] [uri "/xmlrpc.php"] [unique_id "ajI8Smwh_d2DkVqVv9Ex1QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-17 05:17:20 (4 days ago)	[redacted] 160.250.255.141 - - [17/Jun/2026:07:16:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ... show more [redacted] 160.250.255.141 - - [17/Jun/2026:07:16:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 160.250.255.141 - - [17/Jun/2026:07:16:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 160.250.255.141 - - [17/Jun/2026:07:16:58 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 160.250.255.141 - - [17/Jun/2026:07:17:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.3; http://site62669770.com" [redacted] 160.250.255.141 - - [17/Jun/2026:07:17:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇲🇹 Malta	2026-05-12 10:36:22 (1 month ago)	160.250.255.141 - - [12/May/2026:12:36:21 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 160.250.255.141 - - [12/May/2026:12:36:21 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇺🇸 RAP	2026-04-29 15:39:12 (1 month ago)	2026-04-29 15:39:12 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇦🇺 Telemetry2U.com	2026-02-27 15:59:06 (3 months ago)	SQL Injection attempt detected	Web App Attack SQL Injection
🇹🇷 rtbh.com.tr	2026-02-15 20:11:35 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2026-02-14 20:11:34 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇩🇪 filstal.org	2026-02-13 19:25:01 (4 months ago)	CrowdSec-Report: crowdsecurity/dovecot-spam	Email Spam Brute-Force
🇫🇷 security.rdmc.fr	2026-01-10 06:22:07 (5 months ago)	Port Scan Attack proto:TCP src:21020 dst:23	Port Scan
Anonymous	2025-11-25 03:37:30 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-07-28 16:31:18 (10 months ago)	Failed login attempt detected by Fail2Ban in recidive jail	Brute-Force
🇳🇱 Cloud86 B.V.	2025-07-22 17:40:06 (10 months ago)	Email spam	Email Spam
🇳🇱 Cloud86 B.V.	2025-07-20 17:15:04 (11 months ago)	Email spam	Email Spam
Anonymous	2025-05-18 15:36:31 (1 year ago)	Ports: 143,993; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.108.174.4

🇷🇴 193.32.162.16

🇫🇮 138.124.5.60

🇹🇼 118.163.132.212

🇨🇳 117.143.47.142

🇳🇱 45.148.10.35

🇨🇳 222.195.92.204

🇻🇳 171.244.37.97

🇩🇪 167.94.146.45

🇺🇸 162.216.149.26

🇨🇳 116.179.32.162

🇨🇳 60.10.50.90

🇺🇸 45.131.194.90

🇺🇸 20.80.52.246

🇯🇵 8.216.7.91

🇩🇪 164.90.172.242

🇺🇸 162.216.149.109

🇺🇸 162.216.149.12

🇨🇳 123.57.252.201

🇰🇿 95.59.142.69